Security in Qlik Sense Enterprise on Windows consists of the following:
- Protection of the platform
How the Qlik Sense platform itself is protected and how it communicates and operates.
Who is the user and how can the user prove it? Qlik Sense uses standard authentication protocols (for example, Integrated Windows Authentication), HTTP headers, and ticketing to authenticate every user requesting access to data.
What does the user have access to? Authorization is the procedure of granting or denying users access to resources.
The Qlik Sense platform tracks changes in the repository database, provides comprehensive audit and security logging, and monitors applications.
Qlik Sense protects confidentiality by:
- encrypting network connections with Transport Layer Security (TLS)
- leveraging the operating system file system and server access controls to protect content on Qlik Sense nodes
- protecting memory using operating system controls
- securing application access at the resource level
- encrypting sensitive information (e.g. passwords and data connection strings) with AES-256 encryption
- protecting app data using data reduction and data encryption
Operating system controls like the file system are leveraged to provide integrity by protecting data at rest, encrypting sensitive information, and preventing data write back to the source system.
Qlik Sense deployed in a multi-node environment is designed for resiliency and reliability.